1 .. SPDX-License-Identifier: GPL-2.0 1 .. SPDX-License-Identifier: GPL-2.0
2 2
3 ==================== 3 ====================
4 Generic vm interface 4 Generic vm interface
5 ==================== 5 ====================
6 6
7 The virtual machine "device" also accepts the 7 The virtual machine "device" also accepts the ioctls KVM_SET_DEVICE_ATTR,
8 KVM_GET_DEVICE_ATTR, and KVM_HAS_DEVICE_ATTR. 8 KVM_GET_DEVICE_ATTR, and KVM_HAS_DEVICE_ATTR. The interface uses the same
9 struct kvm_device_attr as other devices, but t 9 struct kvm_device_attr as other devices, but targets VM-wide settings
10 and controls. 10 and controls.
11 11
12 The groups and attributes per virtual machine, 12 The groups and attributes per virtual machine, if any, are architecture
13 specific. 13 specific.
14 14
15 1. GROUP: KVM_S390_VM_MEM_CTRL 15 1. GROUP: KVM_S390_VM_MEM_CTRL
16 ============================== 16 ==============================
17 17
18 :Architectures: s390 18 :Architectures: s390
19 19
20 1.1. ATTRIBUTE: KVM_S390_VM_MEM_ENABLE_CMMA 20 1.1. ATTRIBUTE: KVM_S390_VM_MEM_ENABLE_CMMA
21 ------------------------------------------- 21 -------------------------------------------
22 22
23 :Parameters: none 23 :Parameters: none
24 :Returns: -EBUSY if a vcpu is already defined, 24 :Returns: -EBUSY if a vcpu is already defined, otherwise 0
25 25
26 Enables Collaborative Memory Management Assist 26 Enables Collaborative Memory Management Assist (CMMA) for the virtual machine.
27 27
28 1.2. ATTRIBUTE: KVM_S390_VM_MEM_CLR_CMMA 28 1.2. ATTRIBUTE: KVM_S390_VM_MEM_CLR_CMMA
29 ---------------------------------------- 29 ----------------------------------------
30 30
31 :Parameters: none 31 :Parameters: none
32 :Returns: -EINVAL if CMMA was not enabled; 32 :Returns: -EINVAL if CMMA was not enabled;
33 0 otherwise 33 0 otherwise
34 34
35 Clear the CMMA status for all guest pages, so 35 Clear the CMMA status for all guest pages, so any pages the guest marked
36 as unused are again used any may not be reclai 36 as unused are again used any may not be reclaimed by the host.
37 37
38 1.3. ATTRIBUTE KVM_S390_VM_MEM_LIMIT_SIZE 38 1.3. ATTRIBUTE KVM_S390_VM_MEM_LIMIT_SIZE
39 ----------------------------------------- 39 -----------------------------------------
40 40
41 :Parameters: in attr->addr the address for the 41 :Parameters: in attr->addr the address for the new limit of guest memory
42 :Returns: -EFAULT if the given address is not 42 :Returns: -EFAULT if the given address is not accessible;
43 -EINVAL if the virtual machine is of 43 -EINVAL if the virtual machine is of type UCONTROL;
44 -E2BIG if the given guest memory is 44 -E2BIG if the given guest memory is to big for that machine;
45 -EBUSY if a vcpu is already defined; 45 -EBUSY if a vcpu is already defined;
46 -ENOMEM if not enough memory is avai 46 -ENOMEM if not enough memory is available for a new shadow guest mapping;
47 0 otherwise. 47 0 otherwise.
48 48
49 Allows userspace to query the actual limit and 49 Allows userspace to query the actual limit and set a new limit for
50 the maximum guest memory size. The limit will 50 the maximum guest memory size. The limit will be rounded up to
51 2048 MB, 4096 GB, 8192 TB respectively, as thi 51 2048 MB, 4096 GB, 8192 TB respectively, as this limit is governed by
52 the number of page table levels. In the case t 52 the number of page table levels. In the case that there is no limit we will set
53 the limit to KVM_S390_NO_MEM_LIMIT (U64_MAX). 53 the limit to KVM_S390_NO_MEM_LIMIT (U64_MAX).
54 54
55 2. GROUP: KVM_S390_VM_CPU_MODEL 55 2. GROUP: KVM_S390_VM_CPU_MODEL
56 =============================== 56 ===============================
57 57
58 :Architectures: s390 58 :Architectures: s390
59 59
60 2.1. ATTRIBUTE: KVM_S390_VM_CPU_MACHINE (r/o) 60 2.1. ATTRIBUTE: KVM_S390_VM_CPU_MACHINE (r/o)
61 --------------------------------------------- 61 ---------------------------------------------
62 62
63 Allows user space to retrieve machine and kvm 63 Allows user space to retrieve machine and kvm specific cpu related information::
64 64
65 struct kvm_s390_vm_cpu_machine { 65 struct kvm_s390_vm_cpu_machine {
66 __u64 cpuid; # CPUID of host 66 __u64 cpuid; # CPUID of host
67 __u32 ibc; # IBC level rang 67 __u32 ibc; # IBC level range offered by host
68 __u8 pad[4]; 68 __u8 pad[4];
69 __u64 fac_mask[256]; # set of cpu fac 69 __u64 fac_mask[256]; # set of cpu facilities enabled by KVM
70 __u64 fac_list[256]; # set of cpu fac 70 __u64 fac_list[256]; # set of cpu facilities offered by host
71 } 71 }
72 72
73 :Parameters: address of buffer to store the ma 73 :Parameters: address of buffer to store the machine related cpu data
74 of type struct kvm_s390_vm_cpu_ma 74 of type struct kvm_s390_vm_cpu_machine*
75 :Returns: -EFAULT if the given address is no 75 :Returns: -EFAULT if the given address is not accessible from kernel space;
76 -ENOMEM if not enough memory is av 76 -ENOMEM if not enough memory is available to process the ioctl;
77 0 in case of success. 77 0 in case of success.
78 78
79 2.2. ATTRIBUTE: KVM_S390_VM_CPU_PROCESSOR (r/w 79 2.2. ATTRIBUTE: KVM_S390_VM_CPU_PROCESSOR (r/w)
80 ============================================== 80 ===============================================
81 81
82 Allows user space to retrieve or request to ch 82 Allows user space to retrieve or request to change cpu related information for a vcpu::
83 83
84 struct kvm_s390_vm_cpu_processor { 84 struct kvm_s390_vm_cpu_processor {
85 __u64 cpuid; # CPUID currentl 85 __u64 cpuid; # CPUID currently (to be) used by this vcpu
86 __u16 ibc; # IBC level curr 86 __u16 ibc; # IBC level currently (to be) used by this vcpu
87 __u8 pad[6]; 87 __u8 pad[6];
88 __u64 fac_list[256]; # set of cpu fac 88 __u64 fac_list[256]; # set of cpu facilities currently (to be) used
89 # by this vcpu 89 # by this vcpu
90 } 90 }
91 91
92 KVM does not enforce or limit the cpu model da 92 KVM does not enforce or limit the cpu model data in any form. Take the information
93 retrieved by means of KVM_S390_VM_CPU_MACHINE 93 retrieved by means of KVM_S390_VM_CPU_MACHINE as hint for reasonable configuration
94 setups. Instruction interceptions triggered by 94 setups. Instruction interceptions triggered by additionally set facility bits that
95 are not handled by KVM need to by implemented 95 are not handled by KVM need to by implemented in the VM driver code.
96 96
97 :Parameters: address of buffer to store/set th 97 :Parameters: address of buffer to store/set the processor related cpu
98 data of type struct kvm_s390_vm_c 98 data of type struct kvm_s390_vm_cpu_processor*.
99 :Returns: -EBUSY in case 1 or more vcpus are 99 :Returns: -EBUSY in case 1 or more vcpus are already activated (only in write case);
100 -EFAULT if the given address is not 100 -EFAULT if the given address is not accessible from kernel space;
101 -ENOMEM if not enough memory is ava 101 -ENOMEM if not enough memory is available to process the ioctl;
102 0 in case of success. 102 0 in case of success.
103 103
104 .. _KVM_S390_VM_CPU_MACHINE_FEAT: 104 .. _KVM_S390_VM_CPU_MACHINE_FEAT:
105 105
106 2.3. ATTRIBUTE: KVM_S390_VM_CPU_MACHINE_FEAT ( 106 2.3. ATTRIBUTE: KVM_S390_VM_CPU_MACHINE_FEAT (r/o)
107 ---------------------------------------------- 107 --------------------------------------------------
108 108
109 Allows user space to retrieve available cpu fe 109 Allows user space to retrieve available cpu features. A feature is available if
110 provided by the hardware and supported by kvm. 110 provided by the hardware and supported by kvm. In theory, cpu features could
111 even be completely emulated by kvm. 111 even be completely emulated by kvm.
112 112
113 :: 113 ::
114 114
115 struct kvm_s390_vm_cpu_feat { 115 struct kvm_s390_vm_cpu_feat {
116 __u64 feat[16]; # Bitmap (1 = feature 116 __u64 feat[16]; # Bitmap (1 = feature available), MSB 0 bit numbering
117 }; 117 };
118 118
119 :Parameters: address of a buffer to load the f 119 :Parameters: address of a buffer to load the feature list from.
120 :Returns: -EFAULT if the given address is not 120 :Returns: -EFAULT if the given address is not accessible from kernel space;
121 0 in case of success. 121 0 in case of success.
122 122
123 2.4. ATTRIBUTE: KVM_S390_VM_CPU_PROCESSOR_FEAT 123 2.4. ATTRIBUTE: KVM_S390_VM_CPU_PROCESSOR_FEAT (r/w)
124 ---------------------------------------------- 124 ----------------------------------------------------
125 125
126 Allows user space to retrieve or change enable 126 Allows user space to retrieve or change enabled cpu features for all VCPUs of a
127 VM. Features that are not available cannot be 127 VM. Features that are not available cannot be enabled.
128 128
129 See :ref:`KVM_S390_VM_CPU_MACHINE_FEAT` for 129 See :ref:`KVM_S390_VM_CPU_MACHINE_FEAT` for
130 a description of the parameter struct. 130 a description of the parameter struct.
131 131
132 :Parameters: address of a buffer to store/load 132 :Parameters: address of a buffer to store/load the feature list from.
133 :Returns: -EFAULT if the given address is no 133 :Returns: -EFAULT if the given address is not accessible from kernel space;
134 -EINVAL if a cpu feature that is n 134 -EINVAL if a cpu feature that is not available is to be enabled;
135 -EBUSY if at least one VCPU has al 135 -EBUSY if at least one VCPU has already been defined;
136 0 in case of success. 136 0 in case of success.
137 137
138 .. _KVM_S390_VM_CPU_MACHINE_SUBFUNC: 138 .. _KVM_S390_VM_CPU_MACHINE_SUBFUNC:
139 139
140 2.5. ATTRIBUTE: KVM_S390_VM_CPU_MACHINE_SUBFUN 140 2.5. ATTRIBUTE: KVM_S390_VM_CPU_MACHINE_SUBFUNC (r/o)
141 ---------------------------------------------- 141 -----------------------------------------------------
142 142
143 Allows user space to retrieve available cpu su 143 Allows user space to retrieve available cpu subfunctions without any filtering
144 done by a set IBC. These subfunctions are indi 144 done by a set IBC. These subfunctions are indicated to the guest VCPU via
145 query or "test bit" subfunctions and used e.g. 145 query or "test bit" subfunctions and used e.g. by cpacf functions, plo and ptff.
146 146
147 A subfunction block is only valid if KVM_S390_ 147 A subfunction block is only valid if KVM_S390_VM_CPU_MACHINE contains the
148 STFL(E) bit introducing the affected instructi 148 STFL(E) bit introducing the affected instruction. If the affected instruction
149 indicates subfunctions via a "query subfunctio 149 indicates subfunctions via a "query subfunction", the response block is
150 contained in the returned struct. If the affec 150 contained in the returned struct. If the affected instruction
151 indicates subfunctions via a "test bit" mechan 151 indicates subfunctions via a "test bit" mechanism, the subfunction codes are
152 contained in the returned struct in MSB 0 bit 152 contained in the returned struct in MSB 0 bit numbering.
153 153
154 :: 154 ::
155 155
156 struct kvm_s390_vm_cpu_subfunc { 156 struct kvm_s390_vm_cpu_subfunc {
157 u8 plo[32]; # always valid (E 157 u8 plo[32]; # always valid (ESA/390 feature)
158 u8 ptff[16]; # valid with TOD- 158 u8 ptff[16]; # valid with TOD-clock steering
159 u8 kmac[16]; # valid with Mess 159 u8 kmac[16]; # valid with Message-Security-Assist
160 u8 kmc[16]; # valid with Mess 160 u8 kmc[16]; # valid with Message-Security-Assist
161 u8 km[16]; # valid with Mess 161 u8 km[16]; # valid with Message-Security-Assist
162 u8 kimd[16]; # valid with Mess 162 u8 kimd[16]; # valid with Message-Security-Assist
163 u8 klmd[16]; # valid with Mess 163 u8 klmd[16]; # valid with Message-Security-Assist
164 u8 pckmo[16]; # valid with Mess 164 u8 pckmo[16]; # valid with Message-Security-Assist-Extension 3
165 u8 kmctr[16]; # valid with Mess 165 u8 kmctr[16]; # valid with Message-Security-Assist-Extension 4
166 u8 kmf[16]; # valid with Mess 166 u8 kmf[16]; # valid with Message-Security-Assist-Extension 4
167 u8 kmo[16]; # valid with Mess 167 u8 kmo[16]; # valid with Message-Security-Assist-Extension 4
168 u8 pcc[16]; # valid with Mess 168 u8 pcc[16]; # valid with Message-Security-Assist-Extension 4
169 u8 ppno[16]; # valid with Mess 169 u8 ppno[16]; # valid with Message-Security-Assist-Extension 5
170 u8 kma[16]; # valid with Mess 170 u8 kma[16]; # valid with Message-Security-Assist-Extension 8
171 u8 kdsa[16]; # valid with Mess 171 u8 kdsa[16]; # valid with Message-Security-Assist-Extension 9
172 u8 reserved[1792]; # reserved for fu 172 u8 reserved[1792]; # reserved for future instructions
173 }; 173 };
174 174
175 :Parameters: address of a buffer to load the s 175 :Parameters: address of a buffer to load the subfunction blocks from.
176 :Returns: -EFAULT if the given address is no 176 :Returns: -EFAULT if the given address is not accessible from kernel space;
177 0 in case of success. 177 0 in case of success.
178 178
179 2.6. ATTRIBUTE: KVM_S390_VM_CPU_PROCESSOR_SUBF 179 2.6. ATTRIBUTE: KVM_S390_VM_CPU_PROCESSOR_SUBFUNC (r/w)
180 ---------------------------------------------- 180 -------------------------------------------------------
181 181
182 Allows user space to retrieve or change cpu su 182 Allows user space to retrieve or change cpu subfunctions to be indicated for
183 all VCPUs of a VM. This attribute will only be 183 all VCPUs of a VM. This attribute will only be available if kernel and
184 hardware support are in place. 184 hardware support are in place.
185 185
186 The kernel uses the configured subfunction blo 186 The kernel uses the configured subfunction blocks for indication to
187 the guest. A subfunction block will only be us 187 the guest. A subfunction block will only be used if the associated STFL(E) bit
188 has not been disabled by user space (so the in 188 has not been disabled by user space (so the instruction to be queried is
189 actually available for the guest). 189 actually available for the guest).
190 190
191 As long as no data has been written, a read wi 191 As long as no data has been written, a read will fail. The IBC will be used
192 to determine available subfunctions in this ca 192 to determine available subfunctions in this case, this will guarantee backward
193 compatibility. 193 compatibility.
194 194
195 See :ref:`KVM_S390_VM_CPU_MACHINE_SUBFUNC` for 195 See :ref:`KVM_S390_VM_CPU_MACHINE_SUBFUNC` for a
196 description of the parameter struct. 196 description of the parameter struct.
197 197
198 :Parameters: address of a buffer to store/load 198 :Parameters: address of a buffer to store/load the subfunction blocks from.
199 :Returns: -EFAULT if the given address is no 199 :Returns: -EFAULT if the given address is not accessible from kernel space;
200 -EINVAL when reading, if there was 200 -EINVAL when reading, if there was no write yet;
201 -EBUSY if at least one VCPU has al 201 -EBUSY if at least one VCPU has already been defined;
202 0 in case of success. 202 0 in case of success.
203 203
204 3. GROUP: KVM_S390_VM_TOD 204 3. GROUP: KVM_S390_VM_TOD
205 ========================= 205 =========================
206 206
207 :Architectures: s390 207 :Architectures: s390
208 208
209 3.1. ATTRIBUTE: KVM_S390_VM_TOD_HIGH 209 3.1. ATTRIBUTE: KVM_S390_VM_TOD_HIGH
210 ------------------------------------ 210 ------------------------------------
211 211
212 Allows user space to set/get the TOD clock ext 212 Allows user space to set/get the TOD clock extension (u8) (superseded by
213 KVM_S390_VM_TOD_EXT). 213 KVM_S390_VM_TOD_EXT).
214 214
215 :Parameters: address of a buffer in user space 215 :Parameters: address of a buffer in user space to store the data (u8) to
216 :Returns: -EFAULT if the given address is no 216 :Returns: -EFAULT if the given address is not accessible from kernel space;
217 -EINVAL if setting the TOD clock e 217 -EINVAL if setting the TOD clock extension to != 0 is not supported
218 -EOPNOTSUPP for a PV guest (TOD ma 218 -EOPNOTSUPP for a PV guest (TOD managed by the ultravisor)
219 219
220 3.2. ATTRIBUTE: KVM_S390_VM_TOD_LOW 220 3.2. ATTRIBUTE: KVM_S390_VM_TOD_LOW
221 ----------------------------------- 221 -----------------------------------
222 222
223 Allows user space to set/get bits 0-63 of the 223 Allows user space to set/get bits 0-63 of the TOD clock register as defined in
224 the POP (u64). 224 the POP (u64).
225 225
226 :Parameters: address of a buffer in user space 226 :Parameters: address of a buffer in user space to store the data (u64) to
227 :Returns: -EFAULT if the given address is n 227 :Returns: -EFAULT if the given address is not accessible from kernel space
228 -EOPNOTSUPP for a PV guest (TOD m 228 -EOPNOTSUPP for a PV guest (TOD managed by the ultravisor)
229 229
230 3.3. ATTRIBUTE: KVM_S390_VM_TOD_EXT 230 3.3. ATTRIBUTE: KVM_S390_VM_TOD_EXT
231 ----------------------------------- 231 -----------------------------------
232 232
233 Allows user space to set/get bits 0-63 of the 233 Allows user space to set/get bits 0-63 of the TOD clock register as defined in
234 the POP (u64). If the guest CPU model supports 234 the POP (u64). If the guest CPU model supports the TOD clock extension (u8), it
235 also allows user space to get/set it. If the g 235 also allows user space to get/set it. If the guest CPU model does not support
236 it, it is stored as 0 and not allowed to be se 236 it, it is stored as 0 and not allowed to be set to a value != 0.
237 237
238 :Parameters: address of a buffer in user space 238 :Parameters: address of a buffer in user space to store the data
239 (kvm_s390_vm_tod_clock) to 239 (kvm_s390_vm_tod_clock) to
240 :Returns: -EFAULT if the given address is no 240 :Returns: -EFAULT if the given address is not accessible from kernel space;
241 -EINVAL if setting the TOD clock e 241 -EINVAL if setting the TOD clock extension to != 0 is not supported
242 -EOPNOTSUPP for a PV guest (TOD ma 242 -EOPNOTSUPP for a PV guest (TOD managed by the ultravisor)
243 243
244 4. GROUP: KVM_S390_VM_CRYPTO 244 4. GROUP: KVM_S390_VM_CRYPTO
245 ============================ 245 ============================
246 246
247 :Architectures: s390 247 :Architectures: s390
248 248
249 4.1. ATTRIBUTE: KVM_S390_VM_CRYPTO_ENABLE_AES_ 249 4.1. ATTRIBUTE: KVM_S390_VM_CRYPTO_ENABLE_AES_KW (w/o)
250 ---------------------------------------------- 250 ------------------------------------------------------
251 251
252 Allows user space to enable aes key wrapping, 252 Allows user space to enable aes key wrapping, including generating a new
253 wrapping key. 253 wrapping key.
254 254
255 :Parameters: none 255 :Parameters: none
256 :Returns: 0 256 :Returns: 0
257 257
258 4.2. ATTRIBUTE: KVM_S390_VM_CRYPTO_ENABLE_DEA_ 258 4.2. ATTRIBUTE: KVM_S390_VM_CRYPTO_ENABLE_DEA_KW (w/o)
259 ---------------------------------------------- 259 ------------------------------------------------------
260 260
261 Allows user space to enable dea key wrapping, 261 Allows user space to enable dea key wrapping, including generating a new
262 wrapping key. 262 wrapping key.
263 263
264 :Parameters: none 264 :Parameters: none
265 :Returns: 0 265 :Returns: 0
266 266
267 4.3. ATTRIBUTE: KVM_S390_VM_CRYPTO_DISABLE_AES 267 4.3. ATTRIBUTE: KVM_S390_VM_CRYPTO_DISABLE_AES_KW (w/o)
268 ---------------------------------------------- 268 -------------------------------------------------------
269 269
270 Allows user space to disable aes key wrapping, 270 Allows user space to disable aes key wrapping, clearing the wrapping key.
271 271
272 :Parameters: none 272 :Parameters: none
273 :Returns: 0 273 :Returns: 0
274 274
275 4.4. ATTRIBUTE: KVM_S390_VM_CRYPTO_DISABLE_DEA 275 4.4. ATTRIBUTE: KVM_S390_VM_CRYPTO_DISABLE_DEA_KW (w/o)
276 ---------------------------------------------- 276 -------------------------------------------------------
277 277
278 Allows user space to disable dea key wrapping, 278 Allows user space to disable dea key wrapping, clearing the wrapping key.
279 279
280 :Parameters: none 280 :Parameters: none
281 :Returns: 0 281 :Returns: 0
282 282
283 5. GROUP: KVM_S390_VM_MIGRATION 283 5. GROUP: KVM_S390_VM_MIGRATION
284 =============================== 284 ===============================
285 285
286 :Architectures: s390 286 :Architectures: s390
287 287
288 5.1. ATTRIBUTE: KVM_S390_VM_MIGRATION_STOP (w/ 288 5.1. ATTRIBUTE: KVM_S390_VM_MIGRATION_STOP (w/o)
289 ---------------------------------------------- 289 ------------------------------------------------
290 290
291 Allows userspace to stop migration mode, neede 291 Allows userspace to stop migration mode, needed for PGSTE migration.
292 Setting this attribute when migration mode is 292 Setting this attribute when migration mode is not active will have no
293 effects. 293 effects.
294 294
295 :Parameters: none 295 :Parameters: none
296 :Returns: 0 296 :Returns: 0
297 297
298 5.2. ATTRIBUTE: KVM_S390_VM_MIGRATION_START (w 298 5.2. ATTRIBUTE: KVM_S390_VM_MIGRATION_START (w/o)
299 ---------------------------------------------- 299 -------------------------------------------------
300 300
301 Allows userspace to start migration mode, need 301 Allows userspace to start migration mode, needed for PGSTE migration.
302 Setting this attribute when migration mode is 302 Setting this attribute when migration mode is already active will have
303 no effects. 303 no effects.
304 304
305 Dirty tracking must be enabled on all memslots 305 Dirty tracking must be enabled on all memslots, else -EINVAL is returned. When
306 dirty tracking is disabled on any memslot, mig 306 dirty tracking is disabled on any memslot, migration mode is automatically
307 stopped. 307 stopped.
308 308
309 :Parameters: none 309 :Parameters: none
310 :Returns: -ENOMEM if there is not enough fre 310 :Returns: -ENOMEM if there is not enough free memory to start migration mode;
311 -EINVAL if the state of the VM is 311 -EINVAL if the state of the VM is invalid (e.g. no memory defined);
312 0 in case of success. 312 0 in case of success.
313 313
314 5.3. ATTRIBUTE: KVM_S390_VM_MIGRATION_STATUS ( 314 5.3. ATTRIBUTE: KVM_S390_VM_MIGRATION_STATUS (r/o)
315 ---------------------------------------------- 315 --------------------------------------------------
316 316
317 Allows userspace to query the status of migrat 317 Allows userspace to query the status of migration mode.
318 318
319 :Parameters: address of a buffer in user space 319 :Parameters: address of a buffer in user space to store the data (u64) to;
320 the data itself is either 0 if mi 320 the data itself is either 0 if migration mode is disabled or 1
321 if it is enabled 321 if it is enabled
322 :Returns: -EFAULT if the given address is no 322 :Returns: -EFAULT if the given address is not accessible from kernel space;
323 0 in case of success. 323 0 in case of success.
324 324
325 6. GROUP: KVM_ARM_VM_SMCCC_CTRL 325 6. GROUP: KVM_ARM_VM_SMCCC_CTRL
326 =============================== 326 ===============================
327 327
328 :Architectures: arm64 328 :Architectures: arm64
329 329
330 6.1. ATTRIBUTE: KVM_ARM_VM_SMCCC_FILTER (w/o) 330 6.1. ATTRIBUTE: KVM_ARM_VM_SMCCC_FILTER (w/o)
331 --------------------------------------------- 331 ---------------------------------------------
332 332
333 :Parameters: Pointer to a ``struct kvm_smccc_f 333 :Parameters: Pointer to a ``struct kvm_smccc_filter``
334 334
335 :Returns: 335 :Returns:
336 336
337 ====== ============================== 337 ====== ===========================================
338 EEXIST Range intersects with a previo 338 EEXIST Range intersects with a previously inserted
339 or reserved range 339 or reserved range
340 EBUSY A vCPU in the VM has already r 340 EBUSY A vCPU in the VM has already run
341 EINVAL Invalid filter configuration 341 EINVAL Invalid filter configuration
342 ENOMEM Failed to allocate memory for 342 ENOMEM Failed to allocate memory for the in-kernel
343 representation of the SMCCC fi 343 representation of the SMCCC filter
344 ====== ============================== 344 ====== ===========================================
345 345
346 Requests the installation of an SMCCC call fil 346 Requests the installation of an SMCCC call filter described as follows::
347 347
348 enum kvm_smccc_filter_action { 348 enum kvm_smccc_filter_action {
349 KVM_SMCCC_FILTER_HANDLE = 0, 349 KVM_SMCCC_FILTER_HANDLE = 0,
350 KVM_SMCCC_FILTER_DENY, 350 KVM_SMCCC_FILTER_DENY,
351 KVM_SMCCC_FILTER_FWD_TO_USER, 351 KVM_SMCCC_FILTER_FWD_TO_USER,
352 }; 352 };
353 353
354 struct kvm_smccc_filter { 354 struct kvm_smccc_filter {
355 __u32 base; 355 __u32 base;
356 __u32 nr_functions; 356 __u32 nr_functions;
357 __u8 action; 357 __u8 action;
358 __u8 pad[15]; 358 __u8 pad[15];
359 }; 359 };
360 360
361 The filter is defined as a set of non-overlapp 361 The filter is defined as a set of non-overlapping ranges. Each
362 range defines an action to be applied to SMCCC 362 range defines an action to be applied to SMCCC calls within the range.
363 Userspace can insert multiple ranges into the 363 Userspace can insert multiple ranges into the filter by using
364 successive calls to this attribute. 364 successive calls to this attribute.
365 365
366 The default configuration of KVM is such that 366 The default configuration of KVM is such that all implemented SMCCC
367 calls are allowed. Thus, the SMCCC filter can 367 calls are allowed. Thus, the SMCCC filter can be defined sparsely
368 by userspace, only describing ranges that modi 368 by userspace, only describing ranges that modify the default behavior.
369 369
370 The range expressed by ``struct kvm_smccc_filt 370 The range expressed by ``struct kvm_smccc_filter`` is
371 [``base``, ``base + nr_functions``). The range 371 [``base``, ``base + nr_functions``). The range is not allowed to wrap,
372 i.e. userspace cannot rely on ``base + nr_func 372 i.e. userspace cannot rely on ``base + nr_functions`` overflowing.
373 373
374 The SMCCC filter applies to both SMC and HVC c 374 The SMCCC filter applies to both SMC and HVC calls initiated by the
375 guest. The SMCCC filter gates the in-kernel em 375 guest. The SMCCC filter gates the in-kernel emulation of SMCCC calls
376 and as such takes effect before other interfac 376 and as such takes effect before other interfaces that interact with
377 SMCCC calls (e.g. hypercall bitmap registers). 377 SMCCC calls (e.g. hypercall bitmap registers).
378 378
379 Actions: 379 Actions:
380 380
381 - ``KVM_SMCCC_FILTER_HANDLE``: Allows the gue 381 - ``KVM_SMCCC_FILTER_HANDLE``: Allows the guest SMCCC call to be
382 handled in-kernel. It is strongly recommend 382 handled in-kernel. It is strongly recommended that userspace *not*
383 explicitly describe the allowed SMCCC call 383 explicitly describe the allowed SMCCC call ranges.
384 384
385 - ``KVM_SMCCC_FILTER_DENY``: Rejects the gues 385 - ``KVM_SMCCC_FILTER_DENY``: Rejects the guest SMCCC call in-kernel
386 and returns to the guest. 386 and returns to the guest.
387 387
388 - ``KVM_SMCCC_FILTER_FWD_TO_USER``: The guest 388 - ``KVM_SMCCC_FILTER_FWD_TO_USER``: The guest SMCCC call is forwarded
389 to userspace with an exit reason of ``KVM_E 389 to userspace with an exit reason of ``KVM_EXIT_HYPERCALL``.
390 390
391 The ``pad`` field is reserved for future use a 391 The ``pad`` field is reserved for future use and must be zero. KVM may
392 return ``-EINVAL`` if the field is nonzero. 392 return ``-EINVAL`` if the field is nonzero.
393 393
394 KVM reserves the 'Arm Architecture Calls' rang 394 KVM reserves the 'Arm Architecture Calls' range of function IDs and
395 will reject attempts to define a filter for an 395 will reject attempts to define a filter for any portion of these ranges:
396 396
397 =========== =============== 397 =========== ===============
398 Start End (inclusive) 398 Start End (inclusive)
399 =========== =============== 399 =========== ===============
400 0x8000_0000 0x8000_FFFF 400 0x8000_0000 0x8000_FFFF
401 0xC000_0000 0xC000_FFFF 401 0xC000_0000 0xC000_FFFF
402 =========== =============== 402 =========== ===============
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.